CVE-2011-1163

The osf_partition function in fs/partitions/osf.c in the Linux kernelbefore 2.6.38 does not properly handle an invalid number of partitions,which might allow local users to obtain potentially sensitive informationfrom kernel heap memory via vectors related to partition-table parsing.

Ubuntu-Description

Timo Warns discovered that OSF partition parsing routines did not correctlyclear memory. A local attacker with physical access could plug in aspecially crafted block device to read kernel memory, leading to a loss ofprivacy.